<?php

class model_user_access extends model
{
	
	// 登陆
	public function login($username, $password, $rememberme = false)
	{
        $password = md5($password.'Mr Bone');
        
		$session = bone::get_session();
		$ip = $_SERVER["REMOTE_ADDR"];
		$times = $session->get( $ip );
		if( !$times ) $times=0;
		$times++;
		if($times>10)
		{
			$this->set_error('系统检测到您的登陆行为异常, 限制登陆!');
			return false;
		}
		$session->set( $ip, $times );

		$db = bone::get_db();
		$user = $db->get_obj( 'SELECT * FROM `bone_user` WHERE `username`=\''.trim($username).'\'' );

		if($user)
		{
			if( $user->password == $password )
			{
				if($user->block==1)
				{
					$this->set_error('您的账号被屏蔽， 请和管理员联系!');
					return false;
				}

				$session->clear( $ip );
				$session->set('user', bone::get_user( $user->id ) );

				$db->execute( 'UPDATE `bone_user` SET `last_visit_time`='.time().' WHERE `id`='.$user->id );
				if($rememberme)
				{
					$life_time = time() + 365*24*60*60;
					setcookie( 'rememberme', 1, $life_time, '/' );
					setcookie( 'rememberme_username', base64_encode($username), $life_time, '/' );
					setcookie( 'rememberme_password', base64_encode($password), $life_time, '/' );
				}
				return $user;
			}
			else
			{
				$this->set_error('密码错误!');
			}
		}
		else
		{
			$this->set_error('用户名不存在!');
		}
		return false;
	}
	

	// 记住我
	public function rememberme()
	{
		if(isset($_COOKIE['rememberme']) && $_COOKIE['rememberme']==1)
		{
			if(isset($_COOKIE['rememberme_username']) && isset($_COOKIE['rememberme_password']))
			{
				$username = base64_decode($_COOKIE['rememberme_username']);
				$password = base64_decode($_COOKIE['rememberme_password']);
				
				$db = bone::get_db();
		        $user = $db->get_obj( 'SELECT * FROM `bone_user` WHERE `username`=\''.trim($username).'\'' );
    			if( $user->password == $password  && $user->block==0)
    			{
                    $session = bone::get_session();
    				$session->set('user', bone::get_user( $user->id ) );
    				
    				$db->execute( 'UPDATE `bone_user` SET `last_visit_time`='.time().' WHERE `id`='.$user->id );
    				return $user;
    			}
    			else
    			{
                	$this->logout();
    			}
			}
		}
	}

	// 退出
	public function logout()
	{
		$session = bone::get_session();
		$session->clear('user');

		$life_time = time()-1;
		setcookie( 'rememberme',0, $life_time, '/' );
		setcookie( 'rememberme_username', '', $life_time, '/' );
		setcookie( 'rememberme_password', '', $life_time, '/' );

		return true;
	}


	// 注册
	public function register($username,$email,$password, $name='' )
	{

		$db = bone::get_db();

		if($db->get_result( 'SELECT COUNT(*) FROM `bone_user` WHERE `username`=\''.$username.'\'' ))
		{
			$this->set_error('已存在此用户名('.$username.')');
			return false;
		}

		if($db->get_result( 'SELECT COUNT(*) FROM `bone_user` WHERE `email`=\''.$email.'\'' ))
		{
			$this->set_error('已存在此邮箱('.$email.')');
			return false;
		}
		
		$t = time();
		$user = bone::get_table('user');
		$user->username = $username;
		$user->email = $email;
		$user->name = $name;
		$user->password = md5($password.'Mr Bone');
		$user->key = '';
		$user->register_time = $t;
		$user->last_visit_time = $t;
		$user->is_admin = 0;
		$user->block = 0;
		$user->save();

		$config = bone::get_config('system');

		$subject = '您成功在 '.$config->site_name.'上注册了一个账号';
		$body = '账号信息如下:<br>';
		$body .= '用户名:'.$user->username.'<br>';
		$body .= '邮箱:'.$user->email.'<br>';
		$body .= '名字:'.$user->name.'<br><br>';
		$body .= '请记好您的用户信息，点击这里访问 <a href="'.$config->site_url.'" target="_blank">'.$config->site_name.'</a>';
		
		$mail = bone::get('mail');
		$mail->set_subject($subject);
		$mail->set_body($body);
		$mail->to($user->email);
		$mail->send();

		return $user;
	}

	// 忘记密码
	public function forget_password($type, $value )
	{
		$user = bone::get_table('user');
		$user->load_by($type, $value);
		if($user->id==0)
		{
			$this->set_error('不存在该账号');
			return false;
		}

		if($user->id==1)
		{
			$this->set_error('默认管理员不能使用此功能');
			return false;
		}

		$user->key = md5(rand());
		$user->save();

		$config = bone::get_config('system');

		$url = url('/?app=user&task=forget_password_reset&user_id='.$user->id.'&key='.$user->key);

		$subject = '找回在 '.$config->site_name.' 的密码';
		$body = '您于'. date('Y-m-d H:i:s') .' 申请找回在 '.$config->site_name.' 上的密码<br><br>请点击以下链接重设密码:<br>';
		$body .= '<a href="'.$url.'" target="_blank">'.$url.'</a>';
		
		$mail = bone::get('mail');
		$mail->set_subject($subject);
		$mail->set_body($body);
		$mail->to($user->email);
		$mail->send();

		return true;
	}

	public function forget_password_reset( $user_id, $key, $password )
	{

		if($user_id==1)
		{
			$this->set_error('默认管理员不能使用此功能');
			return false;
		}

		$user = bone::get_table('user');
		$user->load($user_id);

		if($user->key != $key)
		{
			if($user->key=='')
				$this->set_error('密码已设置');
			else
				$this->set_error('激活链接已失效');
			return false;
		}

		$user->password = md5($password.'Mr Bone');
		$user->key = '';
		$user->save();


		$config = bone::get_config('system');

		$subject = '您重设了 '. $config->site_name.' 上的密码';
		$body = '您于'. date('Y-m-d H:i:s') .' 成功重设了 '.$config->site_name.'上的密码<br>请记好您的新密码.<br><br>';
		$body .= '返回 <a href="'.$config->site_url.'" target="_blank">'.$config->site_name.'</a>';
		
		$mail = bone::get('mail');
		$mail->set_subject($subject);
		$mail->set_body($body);
		$mail->to($user->email);
		$mail->send();

		return true;
	}

}
?>